XRPL Developments Weekly Summary: 2026-02-21 to 2026-02-28

Headline

rippled 3.1.1 shipped this week as a security hotfix, disabling the Batch (XLS-56) and fixBatchInnerSigs amendments after a critical signature-validation bug was discovered and publicly disclosed. Alongside the release, the developer documentation site received a major tutorials landing page overhaul and a heap memory optimization landed in the core server to reduce RAM usage on long-running Linux nodes.

Summary

This week's most important development was the release of rippled 3.1.1, a security hotfix for the XRP Ledger's reference server software. Researchers discovered a serious flaw in the "Batch" feature — a proposed upgrade that would let users bundle multiple transactions together. The bug meant an attacker could potentially execute transactions on behalf of any account without having that account's private key, which could have enabled theft of funds. Crucially, the Batch feature had not yet been activated on the main network, so no real funds were ever at risk. The fix disables Batch entirely until a corrected version can be built and reviewed. Validators and server operators should upgrade to 3.1.1 immediately. Note that Ripple has also changed the security key used to verify the software package — the blog post linked above explains how to update your verification setup.

A second notable change in 3.1.1 is a memory optimization for nodes running on Linux. Over time, servers can hold on to RAM even after they've finished using it, slowly increasing memory consumption. The update adds an explicit step after each internal cleanup cycle that tells the operating system it can reclaim that unused memory. This means long-running validator and full-history nodes should use less RAM over time, which can reduce hosting costs. The team tested this on Mainnet and a full performance report is being prepared.

On the developer tooling side, the official XRPL documentation site (xrpl.org) received a substantial update this week: a new tutorials landing page that organizes guides by category and automatically detects which programming languages each tutorial supports, plus a new feature that syncs your coding language preference (JavaScript, Python, etc.) across all pages and remembers it for your next visit. The Python SDK (xrpl-py) also dropped support for Python 3.8, which has been past its end-of-life date since October 2024 — developers using xrpl-py should ensure they are on Python 3.9 or newer. For full details, see the 3.1.1 release page, the vulnerability report, and follow @XRPLF and @RippleXDev for ongoing updates.

What Shipped

Protocol & Security: Batch Disabled in rippled 3.1.1

rippled 3.1.1 was released on 2026-02-23: release notes | blog post

The release marks both Batch (XLS-56) and fixBatchInnerSigs as Supported::no, preventing them from activating on any network. This followed the public Vulnerability Disclosure Report (2026-02-26) confirming that a critical logic flaw in Batch's signature-validation code — identified by Pranamya Keshkamat and Cantina AI on February 19 — could have allowed an attacker to execute inner transactions on behalf of arbitrary accounts without their private keys. The amendment was in its voting phase and had not activated on mainnet; no funds were at risk.

Action required for validators and node operators: Upgrade to 3.1.1. Note that Ripple has also rotated the GPG key used to sign rippled packages — details on the blog.

The hotfix changes were cherry-picked into develop via rippled#6417 to ensure future releases inherit the fix. A corrected replacement amendment (BatchV1_1) is under development; no release timeline has been set.

Devnet reset: Devnet was reset on March 3, 2026 to prevent validators running 3.1.1 from becoming amendment-blocked. The reset deleted all Devnet ledger data (accounts, balances, transactions). Mainnet, Testnet, and other networks were unaffected.

Performance: Explicit Heap Trimming for Linux Nodes

rippled#6022 — Introduces a MallocTrim utility in libxrpl that calls malloc_trim(0) on Linux/glibc systems after each cache sweep, returning freed heap pages to the OS. On non-Linux builds the helper is a no-op. Approved by 2 reviewers; tested internally and on Mainnet. A blog post with full performance results is in progress. (+442 lines in 4 files)

Code Quality: InvariantCheck Refactored into Focused Modules

rippled#6440 — The monolithic InvariantCheck.h (733 lines) and InvariantCheck.cpp (3,483 lines) were split into 10 focused header/source pairs under a new invariants/ subdirectory. A shared Privilege enum was extracted into its own header. This makes the invariant system significantly easier to navigate and extend. Approved by 2 reviewers. (+4,423/-4,220 in 23 files)

DeFi / Lending Protocol (XLS-66)

rippled#6356 — Adds an optional Data (sfMemoData) field to the VaultDelete transaction, allowing vault creators to record a reason for deletion. Spec reference: XRPL-Standards#470. Approved by 1 reviewer. (+80/-16 in 3 files)

The XLS-66 Lending Protocol spec (XRPL-Standards#240) was also merged into the standards repository this week, formalizing the draft spec for on-chain lending.

Standards: server_definitions Enhancements (XLS-97)

XRPL-Standards#464 — A new XLS draft covering enhancements to the server_definitions RPC (Formats, Fields, and Flags) was merged and assigned XLS-97. Approved by 2 reviewers. (+6,983 lines in 2 files)

Developer Documentation

Several significant doc updates shipped this week in xrpl-dev-portal:

• Vulnerability disclosure report published (#3521) and 3.1.1 blog added (#3511).
• Known Amendments page updated (#3522) — Batch and fixBatchInnerSigs now marked as obsolete. Setup scripts migrated from Batch to Tickets.
• Tutorials landing page overhauled (#3509) — New curated layout with categorized tutorials and auto-detected programming language icons on cards. (+639/-86 in 18 files)
• Cross-page tab syncing (#3516) — Code tabs now sync across all pages and persist via local storage. +211 lines.
• Redirect updates (#3512) — Added and cleaned up redirects for the tutorials IA v4 reorganization.
• Component library refactor (#3510) — 3 new UI components (CalloutMediaBanner, Video, SectionHeader), reorganized structure, accessibility improvements. (+1,328/-894 in 121 files)

SDKs

• xrpl-py drops Python 3.8 support (xrpl-py#917) — Python 3.8 reached end-of-life in October 2024. Minimum supported version is now Python 3.9. This is a breaking change for anyone still on 3.8. (+22/-614 in 8 files)
• xrpl4j CI fix (xrpl4j#709) — Switches CI to rippleci/rippled:develop tag and updates the container entrypoint to xrpld, fixing integration test failures.

Infrastructure & Developer Experience

• rippled#6431 — Nix pre-commit hook made optional for local development (still enforced in CI), making it easier for developers without Nix installed.
• rippled#6314 — Nix development environment added (.envrc removed after reviewer feedback).
• rippled#6414 — Enables additional clang-tidy checks with no outstanding issues. (+192/-152 in 4 files)
• rippled#6313 — Database fetch functions now use uint256 const& directly instead of a round-trip through void*, simplifying internal code. Approved by 3 reviewers.
• rippled#6339 — CI test output now greps for failures, making errors easier to spot — especially on mobile.
• clio#2958 — Automated clang-tidy fixes applied across 38 files (+138/-72).

In Progress

• xrpl.js MPT-DEX support (xrpl.js#3214) — Implements XLS-82d MPT-DEX support with updates to transaction/request models, binary codec, and integration tests. +2,363/-71 in 40 files. Active review in progress.
• xrpl.js Confidential Transfers for MPTs (xrpl.js#3215) — Draft PR adding Confidential Transfer support for Multi-Purpose Tokens. +1,177 lines in 19 files.
• xrpl.js missing type fields (xrpl.js#3217) — Adds missing request/response fields for VaultInfo, NFTSellOffers, NFTBuyOffers, AMMInfo, and AccountNFTs. Has outstanding linter and integration test failures to resolve.
• xrpl4j MPT-DEX support (xrpl4j#704) — XLS-82d implementation for the Java SDK, +4,557/-197 in 45 files. Under active review.
• XLS-66 Lending spec: improved vault share pricing (XRPL-Standards#485) — Introduces InterestUnrealized field to Vault ledger entries for cash-basis share valuation. Changes requested.
• XLS-66: PermissionedDomain access control for LoanBroker (XRPL-Standards#484) — Adds optional private LoanBroker support via Permissioned Domains. Approved by 1 reviewer.
• XLS-87: Token Pre-Authorization (XRPL-Standards#480) — New draft spec for token pre-authorization, converted from Discussion #258.
• XRPL-Standards bot improvements — Several PRs open to improve XLS number assignment automation: only assign after maintainer approval (#483), fix bot returning wrong number (#478), close discussions on merge (#482).
• Wasm module reuse disabled (rippled#6364) — Wasm module reuse is restricted to performance testing and removed from release builds. -1,855 lines of production code removed.
• Wasm unit tests expanded (rippled#6392, rippled#6413) — Additional unit tests for invalid opcodes and function parameters.

What to Watch Next Week

• BatchV1_1 development: The dangell7/batch-v1 branch (9 commits ahead of develop) is active. Watch for a PR to open with the corrected Batch implementation.
• Devnet reset (March 3): Already scheduled. Developers using Devnet test accounts will need to re-fund from the faucet after reset.
• xrpl-py vulnerability scan for PRs (perform-vulnerability-scan-for-pull-request branch, 3 commits ahead) — Adds Trivy security scanning to PR workflows; a PR appears imminent.
• AMMClawback documentation bug (xrpl-dev-portal#3520) — The AMMClawback.asset docs incorrectly imply XRP is a valid input. A fix PR is likely.

Community & Discussions

• Batch vulnerability disclosure (xrpl.org blog) — The full technical report credits Pranamya Keshkamat and Cantina AI with identifying the flaw. The report notes that even before this specific bug was reported, Batch had been disabled as a precaution to ensure fixBatchInnerSigs would activate first.

• online_delete disk I/O issue (rippled#6202, now closed) — A community member raised the issue of excessive load caused by online_delete rotation cycles. Core team members clarified the two-database rotation design. A community validator operator noted this and documented tuning guidance in their own validator dashboard.

• AMMClawback docs inaccuracy (xrpl-dev-portal#3520) — A contributor flagged that the AMMClawback transaction docs imply XRP is a valid asset field input, but the implementation throws temMALFORMED for XRP. Open for a doc fix.

• Account deletion docs need update (xrpl-dev-portal#3525) — Core team flagged that the account deletion requirements page needs to be updated to reflect current implemented behavior, including the rule that an account cannot be deleted if it is the issuer of any live NFTs in the ledger.

• New "Delete an Account" tutorial requested (xrpl-dev-portal#3514) — Issue opened for a new JS/Python tutorial covering AccountDelete best practices including checking for deletion blockers and using fail_hard.

• xrpl4j: SeedCodec.encode not used (xrpl4j#706) — Potential code duplication in the Java SDK's seed encoding path flagged for investigation.

By the Numbers